1. Field of the Invention
The present invention generally relates to the field of digital rights management, and more particularly to a method, system, and device for storage of, access to, and management of licenses for digital content.
2. Discussion of the Background
In the early days of computer use, the consumer's view was “application-centric.” For example, when consumers wanted to consume digital content, they first opened the appropriate application, such as a word processor. Consumers then accessed the content from within the application.
The current state of the art promotes a “content-centric” view. For example, when consumers want to consume digital content, they double-click the file, including the content, in their file system explorer, and the associated content consumption application launches. The right to consume content is often tied to a particular embodiment of such content. For example, the right to view a movie is tied to physical possession of a DVD. If the content is being protected by a digital rights management (DRM) system, use of that content is predicated upon use of the particular DRM system originally used to protect the content. For example, if the consumer purchased a license for content from company A, the consumer must have company A's DRM system installed on the consumption device to consume such content.
Most of the DRM systems available in the market today have one thing in common, in that they enforce usage rules, as outlined by the content owner or the content distributor in a license. The license may be embedded in the content, or it may be a separate license, which may be machine readable or human readable, such as a click-through license or legal contract. The DRM system interprets the license to identify what the consumer is permitted to do with the content, and restricts the consumer from doing things that are not permitted. The mechanisms that the various DRM systems use to accomplish this task vary widely. For example, many DRM systems express, store, and maintain licenses in a proprietary manner. A consumer typically acquires a DRM system, and requests content provisioned for that system. A content instance then is prepared with encryption or formatting, coupled with other trust and security technologies, that allow the content instance to be used only with a particular DRM implementation. In the case of a digital license, the license typically is stored in a proprietary repository of the DRM system or as part of the content.
Tying consumption of content to a particular combination of consumption application, consumption device, and/or DRM system places limitations on the consumer's purchasing, and consumption habits. However, consumers want to purchase content from a variety of sources (e.g., brick and mortar stores, satellite/cable, internet download, and the like) in a variety formats (e.g., DVD, Redbook audio, computer DVD, streaming, and the like), for a variety of devices (e.g., PCs, home media center, set top boxes, car stereos, mobile phones, portable media players, devices networked to remote locations, and the like).
Consumers may be reluctant to purchase content, because the DRM systems that protect the content may not exist in the future (e.g., in the case of a time-expired DRM system), the company may be out of the business, or the DRM system may not be compatible with the devices that the consumers want to use to consume the content (e.g., in the case of a platform-restricted DRM system). In many cases, the consumer may have devices that can render the content, but such devices may not have the required DRM system.
Consumers also may be reluctant to purchase content, because the format or medium in which the content is currently available may be superseded by a superior format or medium (e.g., DVD may be superseded by high-definition DVD). However, consumers do not want their purchase to become obsolete, requiring them to repurchase the same content in the future.
Consumers must install, manage, and interact with various combinations of consumption devices, consumption applications, and DRM systems in order to use their content, which puts a great burden on the consumer. For example, a consumer's experience in using content for which rights are managed by a particular DRM system is unique to such DRM system. The consumer cannot get an inventory of all the licenses he has purchased, because each license is stored in the proprietary repository for the DRM system that created the license. If a consumer has licenses that are constructed for four different DRM systems, that consumer will have four unique experiences in understanding, managing, and using such licenses.
Consumers also want all content to be available for any suitable device capable of rendering the content. Consumers also want to purchase the content once, and to be able to use that content at any suitable time in the future. Content owners want to make their content accessible to consumers in accordance with usage rules stipulated in a license. Neither the content owner nor the consumer wants to be locked into a particular DRM system. DRM should not be a barrier to such goals. The fact that the current “content-centric” view does create such barriers hurts the content owners, because it limits a consumer's willingness to purchase content.
In an effort to address some of these issues, various attempts to promote interoperability among DRM systems are currently underway. If successfully implemented, interoperability among DRM systems would enable consumers to access their content in the format, location, time, and device of their choosing assuming such rights are granted by the content owner or content distributor. Consumers develop a sense of ownership of the digital content that they have purchased, because they can use such content at any suitable time, and anywhere, regardless of the DRM system or version of such system that is used to enforce the corresponding license. However, there are several barriers to accomplishing DRM interoperability in an ad hoc fashion. For example, with respect to multiplicity, setting up proprietary relationships among various DRM systems is an N-factorial problem for all the permutations.
With respect to security, DRM systems offer different levels of enforcement. If content can travel to any compatible DRM system, a possible security problem is created. Consumers may move all their content to the least secure system, in order to take advantage of the lower level of rights enforcement. This fosters an environment in which the least secure DRM systems are the most widely used.
With respect to support of usage rules in licenses, DRM systems enforce different sets of licensing conditions. Once again, if content can travel to any compatible DRM system, a possible security problem is created. For example, a consumer may move content from a DRM system that allows a one-day rental to a system that does not support the one-day rental restriction, in order to use the content beyond the one-day rental period.
With respect to expressions of usage rules, DRM systems use different mechanisms to specify the usage rules assigned to content. A DRM system may apply a fixed set of rules to all content types and/or instances, or such system may apply usage rules to content on an instance-by-instance basis. DRM systems that apply usage rules to individual content instances vary in their ability to express types of usage rules. For example, DRM system A may enable content owners to stipulate that content can be viewed, but not copied. DRM system B may provide this same capability, but also enable content owners to stipulate that content may be played only once. DRM system C may use a language to offer greater flexibility in the expression of usage rules. These variations in the requirements, and capabilities of the various DRM systems for expressing usage rules make it difficult to implement interoperability.
With respect to user experience, each DRM system has a proprietary user interface that consumers use to understand, consume, and inventory the content to which the consumers have access. Therefore, there is no consistency of user experience across DRM systems.
With respect to license acquisition, when a consumer wants to acquire a license for content, the supplier of the license must understand the DRM system, and format, in order to provide content compatible with that combination of content, device, and DRM system.
There are standards groups, such as ISO MPEG-21, and the Open Mobile Alliance (OMA), that intend to accomplish DRM interoperability, by creating standard DRM system, and interfaces, including content format, client/server communication protocol, content protection method, content identification method, rights expressions, and points of interoperability that enable the content to be exchanged among the various conforming DRM systems. There are other standard groups, such as ISO MPEG-21 REL Working Group, TV-Anytime Rights Management and Protection Group, ISO SC36, IEEE Learning Technology Standards Committee, and Open eBook Forum (OeBF) Rights and Rules Working Group that are focused on establishing a common expression of rights (Rights Expression Language, REL) as the primary means to achieve interoperability. Standardization of a REL is analogous to standardizing a common message exchange format. The advantages are that all conforming systems can communicate with each other, and exchange, and share licenses in an interoperable way, wherein the cost of conformance is low compared to a complete DRM system, and the message (REL) is neutral to, and does not dictate platforms, designs, and implementation. Such approach enables technology providers with different platform agendas to compete on equal footings, while maintaining sufficient interoperability.
Although the various standardization efforts may remove some of the major barriers listed above, many major barriers remain. For example, with respect to creating a standard, standardized DRM systems are extremely difficult to create, because standardization requires that all participants in the value chain, from content owners to rendering device manufacturers, agree on the system's requirements, and achieving such agreement is fraught with complications. Each content owner has their own requirements for the level of security, the usage rules needed in licenses, and the like. A device manufacturer may be reluctant to enforce licenses, because the inconveniences may be disincentive for the consumer to buy. Also this may limit the use of functionality that differentiates the manufacturer from competitors. In addition, not all business models need the same level of security or usage restrictions. For example, commercial broadcast content requires that embedded commercials are watched, whereas distribution of audio MP3s requires restrictions on copying. Even if standards are established, the standards will tend to address market segments that share common security requirements. Ad hoc interoperability across market segments will continue to be problematic.
With respect to international support, as difficult as it is to standardized DRM systems for one country, and the intellectual property laws thereof, it will be nearly impossible to create a globally standardized DRM system. Doing so would require that all countries agree on intellectual property, and usage laws.
With respect to life cycle, like most digital entities, licenses have lifecycles. Licenses are created, used to create new licenses, destroyed, expired, revoked, exercised, transferred, shared, and the like. Although an interoperable expression of rights is valuable in creating interoperable DRM systems, it does not provide all the functionality required to enable such systems to participate in the entire lifecycle of a digital license.
Because of these and other difficulties, the best that can be hoped for is creation of DRM standards for a given market in a given country (e.g., DVD movies in the United States). Accordingly, with current DRM system implementations, the consumer is destined to deal with multiple DRM systems and DRM interoperability problems.